src/backup/data_blob.rs: implement signed blobs

2019-08-02 09:56:01 +02:00 · 2019-08-02 09:56:01 +02:00 · 69ecd8d5b0
parent 93205f942a
commit 69ecd8d5b0
2 changed files with 89 additions and 0 deletions
--- a/src/backup/data_blob.rs
+++ b/src/backup/data_blob.rs
@ -62,6 +62,7 @@ impl DataBlob {
        Ok(())
    }

+    /// Create a DataBlob, optionally compressed and/or encrypted
    pub fn encode(
        data: &[u8],
        config: Option<&CryptConfig>,
@ -174,11 +175,72 @@ impl DataBlob {
            } else {
                bail!("unable to decrypt blob - missing CryptConfig");
            }
+        } else if magic == &AUTH_COMPR_BLOB_MAGIC_1_0 || magic == &AUTHENTICATED_BLOB_MAGIC_1_0 {
+            let header_len = std::mem::size_of::<AuthenticatedDataBlobHeader>();
+            let head = unsafe {
+                (&self.raw_data[..header_len]).read_le_value::<AuthenticatedDataBlobHeader>()?
+            };
+
+            let data_start = std::mem::size_of::<AuthenticatedDataBlobHeader>();
+
+            // Note: only verify if we have a crypt config
+            if let Some(config) = config  {
+                let signature = config.compute_auth_tag(&self.raw_data[data_start..]);
+                if signature != head.tag {
+                    bail!("verifying blob signature failed");
+                }
+            }
+
+            if magic == &AUTH_COMPR_BLOB_MAGIC_1_0 {
+                let data = zstd::block::decompress(&self.raw_data[data_start..], 16*1024*1024)?;
+                return Ok(data);
+            } else {
+                return Ok(self.raw_data[data_start..].to_vec());
+            }
        } else {
            bail!("Invalid blob magic number.");
        }
    }

+    /// Create a signed DataBlob, optionally compressed
+    pub fn create_signed(
+        data: &[u8],
+        config: &CryptConfig,
+        compress: bool,
+    ) -> Result<Self, Error> {
+
+        if data.len() > 16*1024*1024 {
+            bail!("data blob too large ({} bytes).", data.len());
+        }
+
+        let compr_data;
+        let (_compress, data, magic) = if compress {
+            compr_data = zstd::block::compress(data, 1)?;
+            // Note: We only use compression if result is shorter
+            if compr_data.len() < data.len() {
+                (true, &compr_data[..], AUTH_COMPR_BLOB_MAGIC_1_0)
+            } else {
+                (false, data, AUTHENTICATED_BLOB_MAGIC_1_0)
+            }
+        } else {
+            (false, data, AUTHENTICATED_BLOB_MAGIC_1_0)
+        };
+
+        let header_len = std::mem::size_of::<AuthenticatedDataBlobHeader>();
+        let mut raw_data = Vec::with_capacity(data.len() + header_len);
+
+        let head = AuthenticatedDataBlobHeader {
+            head: DataBlobHeader { magic, crc: [0; 4] },
+            tag: config.compute_auth_tag(data),
+        };
+        unsafe {
+            raw_data.write_le_value(head)?;
+        }
+        raw_data.extend_from_slice(data);
+
+        return Ok(DataBlob { raw_data });
+    }
+
    /// Create Instance from raw data
    pub fn from_raw(data: Vec<u8>) -> Result<Self, Error> {

@ -201,6 +263,14 @@ impl DataBlob {

            let blob = DataBlob { raw_data: data };

+            Ok(blob)
+        } else if magic == AUTH_COMPR_BLOB_MAGIC_1_0 || magic == AUTHENTICATED_BLOB_MAGIC_1_0 {
+            if data.len() < std::mem::size_of::<AuthenticatedDataBlobHeader>() {
+                bail!("authenticated blob too small ({} bytes).", data.len());
+            }
+
+            let blob = DataBlob { raw_data: data };
+
            Ok(blob)
        } else {
            bail!("unable to parse raw blob - wrong magic");
--- a/src/backup/file_formats.rs
+++ b/src/backup/file_formats.rs
@ -26,6 +26,12 @@ pub static ENCRYPTED_BLOB_MAGIC_1_0: [u8; 8] = [123, 103, 133, 190, 34, 45, 76,
 // openssl::sha::sha256(b"Proxmox Backup zstd compressed encrypted blob v1.0")[0..8]
 pub static ENCR_COMPR_BLOB_MAGIC_1_0: [u8; 8] = [230, 89, 27, 191, 11, 191, 216, 11];

+//openssl::sha::sha256(b"Proxmox Backup authenticated blob v1.0")[0..8]
+pub static AUTHENTICATED_BLOB_MAGIC_1_0: [u8; 8] = [31, 135, 238, 226, 145, 206, 5, 2];
+
+//openssl::sha::sha256(b"Proxmox Backup zstd compressed authenticated blob v1.0")[0..8]
+pub static AUTH_COMPR_BLOB_MAGIC_1_0: [u8; 8] = [126, 166, 15, 190, 145, 31, 169, 96];
+
 // openssl::sha::sha256(b"Proxmox Backup fixed sized chunk index v1.0")[0..8]
 pub static FIXED_SIZED_CHUNK_INDEX_1_0: [u8; 8] = [47, 127, 65, 237, 145, 253, 15, 205];

@ -53,6 +59,19 @@ pub struct DataBlobHeader {
    pub crc: [u8; 4],
 }

+/// Authenticated data blob binary storage format
+///
+/// The ``DataBlobHeader`` for authenticated blobs additionally contains
+/// a 16 byte HMAC tag, followed by the data:
+///
+/// (MAGIC || CRC32 || TAG || Data).
+#[derive(Endian)]
+#[repr(C,packed)]
+pub struct AuthenticatedDataBlobHeader {
+    pub head: DataBlobHeader,
+    pub tag: [u8; 32],
+}
+
 /// Encrypted data blob binary storage format
 ///
 /// The ``DataBlobHeader`` for encrypted blobs additionally contains